TY - JOUR
T1 - One secure data integrity verification scheme for cloud storage
AU - Fan, Yongkai
AU - Lin, Xiaodong
AU - Tan, Gang
AU - Zhang, Yuqing
AU - Dong, Wei
AU - Lei, Jing
N1 - Funding Information:
This work was partially supported by CERNET Innovation Project-Research on Key Technologies of Data Security Access Control Mechanism Based on IPv6 (No. NGII20180406 ), by Beijing Higher Education Young Elite Teacher Project (No. YETP0683 ), by Beijing Higher Education Teacher Project (No. 00001149 ).
Funding Information:
The authors declare that they have no conflicts of interest. Yongkai Fan received the Bachelor, Master and Ph.D. degrees from Jilin University, Changchun, China, in 2001, 2003, 2006, respectively. From 2006 to 2009, he was a assistant researcher in Tsinghua University, Beijing. His current appointment is an assistant professor in China University of Petroleum (Beijing) since 2010. His current research interests include theories of software engineering and software security. Xiaodong Lin has received a bachelor’s degree in Information and Computing Science from China University of Petroleum (East China), Qingdao, China, in 2016. And now is applying for master degree of Computer Science and Technology in China University of Petroleum (Beijing). His current research interests include theories of software engineering and software security. Gang Tan Received his B.E. in Computer Science from Tsinghua University in 1999, and his Ph.D. in Computer Science from Princeton University in 2005. He is an Associate Professor in Penn State University, University Park, USA. He was a recipient of an NSF Career award and won James F. Will Career Development Professorship. He leads the Security of Software (SOS) lab at Penn State. He is interested in methodologies that help create reliable and secure software systems. Yuqing Zhang is a professor and supervisor of Ph.D. students of Graduate University of Chinese Academy of Sciences. He received his B.S. and M.S. degree in computer science from Xidian University, China, in 1987 and 1990 respectively. He received his Ph.D. degree in Cryptography from Xidian University in 2000. His research interests include cryptography, wireless security and trust management. Wei Dong is currently an associate professor in Department of Electronic Engineering, Tsinghua University, China. He received his Ph.D. degree from Tsinghua University, China, in 2006, and received his bachelor degree from Lanzhou University, China, in 2000, respectively. His research interests include energy-efficient integrated perception systems for intelligent robots, and algorithm/hardware co-design for moving robots. Jing Lei has received a bachelor’s degree in software engineering from Shanxi Agricultural University, in 2017. And now is applying for master degree of Computer Science and Technology in China University of Petroleum (Beijing). Her current research interests include machine learning and Information Safety.
Funding Information:
This work was partially supported by CERNET Innovation Project-Research on Key Technologies of Data Security Access Control Mechanism Based on IPv6 (No. NGII20180406), by Beijing Higher Education Young Elite Teacher Project (No. YETP0683), by Beijing Higher Education Teacher Project (No. 00001149).
Publisher Copyright:
© 2019 Elsevier B.V.
PY - 2019/7
Y1 - 2019/7
N2 - Cloud computing is a novel kind of information technology that users can enjoy sundry cloud services from the shared configurable computing resources. Compared with traditional local storage, cloud storage is a more economical choice because the remote data center can replace users for data management and maintenance, which can save time and money on the series of work. However, delivering data to an unknown Cloud Service Provider (CSP) makes the integrity of data become a potential vulnerability. To solve this problem, we propose a secure identity based aggregate signatures (SIBAS) as the data integrity checking scheme which resorts Trusted Execution Environment (TEE) as the auditor to check the outsourced data in the local side. SIBAS can not only check the integrity of outsourced data, but also achieve the secure key management in TEE through Shamir's (t,n) threshold scheme. To prove the security, security analysis in the random oracle model under the computational Diffie–Hellman assumption shows that SIBAS can resist attacks from the adversary that chooses its messages and target identities, experimental results also show that our solution is viable and efficient in practice.
AB - Cloud computing is a novel kind of information technology that users can enjoy sundry cloud services from the shared configurable computing resources. Compared with traditional local storage, cloud storage is a more economical choice because the remote data center can replace users for data management and maintenance, which can save time and money on the series of work. However, delivering data to an unknown Cloud Service Provider (CSP) makes the integrity of data become a potential vulnerability. To solve this problem, we propose a secure identity based aggregate signatures (SIBAS) as the data integrity checking scheme which resorts Trusted Execution Environment (TEE) as the auditor to check the outsourced data in the local side. SIBAS can not only check the integrity of outsourced data, but also achieve the secure key management in TEE through Shamir's (t,n) threshold scheme. To prove the security, security analysis in the random oracle model under the computational Diffie–Hellman assumption shows that SIBAS can resist attacks from the adversary that chooses its messages and target identities, experimental results also show that our solution is viable and efficient in practice.
UR - http://www.scopus.com/inward/record.url?scp=85062089876&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85062089876&partnerID=8YFLogxK
U2 - 10.1016/j.future.2019.01.054
DO - 10.1016/j.future.2019.01.054
M3 - Article
AN - SCOPUS:85062089876
SN - 0167-739X
VL - 96
SP - 376
EP - 385
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -